package com.github.cakin.shiro.chapter15.realm;

import com.github.cakin.shiro.chapter15.service.UserService;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cas.CasRealm;
import org.apache.shiro.subject.PrincipalCollection;

/**
 * @className: MyCasRealm
 * @description: CasRealm 根据 CAS 服务器端返回的用户身份获取相应的角色 / 权限信息。
 * @date: 2020/5/25
 * @author: cakin
 */
public class MyCasRealm extends CasRealm {

    private UserService userService;

    public void setUserService(UserService userService) {
        this.userService = userService;
    }
    /**
     * 功能描述：认证在cas服务器完成，授权由cas客户端完成
     *
     * @author cakin
     * @date 2020/5/25
     * @param
     * @return
     * @description:
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String username = (String)principals.getPrimaryPrincipal();

        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.setRoles(userService.findRoles(username));
        authorizationInfo.setStringPermissions(userService.findPermissions(username));

        return authorizationInfo;
    }
}
